Retail website certification


Retail website certification
The process and benefits
White paper

Abstract

The growth of retail sales via the Internet has increased consumer concerns about the security of their personal information. In addition, questions about the reliability of online purchase processes, delivery capabilities and online customer support have a direct impact on online purchasing behaviors, potentially reducing merchant revenues through online channels. This white paper discusses website certification as a tool to achieve greater transaction transparency and efficiency, thereby increasing consumer confidence, and how TÜV SÜD's s@fer shopping certification can help online merchants achieve these benefits.

TÜV SÜD

Contents

INTRODUCTION
THE PROMISES AND CHALLENGES OF ONLINE TRANSACTIONS
THE BENEFITS OF SHOPPING SITE CERTIFICATION
S@FER SHOPPING CERTIFICATION REQUIREMENTS
THE PROCESS OF S@FER SHOPPING CERTIFICATION
CONCLUSION

About the TÜV SÜD expert

Rainer Seidlitz
Head of IT-Security, TÜV SÜD Management Service GmbH

Rainer Seidlitz is head of the Strategic Business Unit IT-Security of TÜV SÜD Management Service GmbH, a TÜV SÜD group company. In 2000, Seidlitz developed the online quality standard s@fer-shopping for trusted and secure Internet retail sites. He has more than a decade of direct experience in identifying the technical and organisational weaknesses of online retail sites, and in developing processes and measures for continual and sustained improvement in online shop security.

Introduction

In just a few short years, the Internet has become a primary sales channel for both traditional brick and mortar merchants as well as new web-only retail giants like Amazon (for books) and Expedia (for travel). Globally, e-commerce sales are expected to reach nearly $1.4 trillion (U.S.) by 2015 [1]. In the U.S. alone, Internet e-commerce transactions accounted for more than $188 billion in sales in 2011, and are projected to increase to nearly $270 billion by 2015. And, 71% of consumers report that they have bought a product on the Internet at least once, with 6% reporting that they buy products on the Internet every day [2].

However, despite the continued growth of the Internet as a retail sales channel, consumers continue to harbour concerns about the security of their personal information, including online passwords and confidential financial data such as credit card numbers. These and other concerns, such as questions about the reliability of online purchase processes, delivery capabilities or appropriate support of online customers, directly impact online purchasing behaviours. Some consumers avoid online purchases altogether, and others take additional actions to protect the security of their confidential information. As a result, merchants selling products and services on the web generate only a fraction of the potential revenue available through online sources.

This white paper discusses the importance of website certification as a tool to achieve greater transaction efficiency and to increase consumer confidence, and how TÜV SÜD's s@fer shopping certification process can help online merchants achieve these benefits. The white paper is intended for online merchants that offer goods and services for sale via the Internet, either as a primary or secondary sales channel. The paper is also intended for consumers seeking a better understanding of Internet merchant practices designed to secure confidential financial information, personal data and online processes.

The promises and challenges of online transactions

Sales generated through e-commerce channels remain a bright spot in the global retail marketplace. According to the CISCO IBSG Economics & Research Practice, global e-commerce is expected to grow at an annual rate of 13.5% for the next several years, achieving almost $1.4 trillion in annual sales by 2015. While the U.S., the United Kingdom and Japan will still account for more than half of the global e-commerce market, the strongest e-commerce growth will be seen in relatively new markets, including Spain (37%), Brazil (29%), and China, Russia and Mexico (each with 26% growth) [3]. This anticipated growth is likely to result in a significant expansion of existing online retail operations and a surge in new retail websites and e-commerce channels.

[Figure: E-commerce growth, growth in percentage (%): Spain 37, Brazil 29, China 26, Russia 26, Mexico 26. Source: CISCO IBSG Economics & Research Practice]

At the same time, the projected growth in e-commerce masks important consumer concerns about the security of online transactions. According to one research report, fully 87% of consumers who purchase goods or services online or execute an online financial transaction are concerned about the safety of the personal and financial information that they transmit [4]. Other consumer security concerns include the following issues:

- Lack of transparency in product or service pricing and pricing policies.
- Unsecured credit card transaction capabilities.
- Difficulty in obtaining assistance in connection with customer complaints, concerns or questions.
- Unclear policies regarding product returns or credits.
- Inability to control unwanted email solicitations.
- Insufficient protection of the privacy of consumer information.

[Figure: Percentage of consumers who execute online transactions that are concerned about the safety of the personal and financial information that they transmit: 87% concerned, 13% not concerned. Source: Identity Theft Resource Center Consumer Internet Transaction Concerns Survey]

Importantly, the lack of transparency in how web-based retailers address these and other issues erodes consumer trust. German research firm Fittkau & Maaß reports that lack of trustworthiness of an online provider is the second most common reason cited by consumers for discontinuing online shopping activities [5]. Therefore, successful online retailers must take the steps necessary to overcome these concerns and build consumer trust.

The benefits of retail website certification

Building and maintaining consumer trust and confidence is an ongoing process and requires a sustained commitment from an online retailer. Evaluating an e-commerce website against the standards required for site certification can provide an online retailer with important information regarding the site's functionality and security, and identify areas for improvement. Achieving compliance with the certification requirements of an e-commerce site assessment also attests to an online retailer's commitment to consumer satisfaction and to the protection of private consumer data.

In addition to increasing consumer trust and confidence, an effective site certification assessment process offers the following advantages to retailers:

- Improved website navigation - A certification assessment evaluates a website's current layout and navigation to ensure that consumers can find the product and service information necessary to make appropriate purchasing decisions easily and efficiently.
- Optimised online order entry process - An assessment also evaluates a website's current order entry process, and provides information on possible improvements that can optimise the online ordering process, thereby increasing the number of completed transactions.
- Reduced order rejections/returns - With improved website navigation and an optimised online ordering process, consumers are more likely to be satisfied with their purchases, reducing the number of rejected orders and returns and increasing overall customer satisfaction.
- Differentiation from competition - Positive online purchasing experiences build consumer trust and confidence in an online retailer, providing a retailer with an important competitive advantage when compared with other retailers offering similar products and services.

[Figure: Effective site certification assessment process: improved website navigation, optimised online order entry process, reduced order rejections/returns, differentiation from competition, increased consumer trust and confidence]

S@fer shopping certification requirements

TÜV SÜD's s@fer shopping certification assessment process focuses on the retailer's compliance with requirements in four key areas. The requirements are detailed in TÜV SÜD's Requirements Catalogue for the Assessment and Certification of Online Shops [6] and are briefly described in the sections that follow.

A. Organisational requirements

The online retailer seeking certification must commit to fulfil the certification requirements, and to communicate its commitment to all employees involved in the online retail operation. The retailer must develop operational procedures required to meet the certification requirements and ensure that it has dedicated sufficient resources (e.g., people, systems, infrastructure, etc.) to meet them. The retailer must regularly assess customer requirements and customer satisfaction levels in connection with its online activities. Finally, the retailer must commit whatever efforts and resources are required to sustain compliance with the certification requirements.

B. Data security

S@fer shopping certification requirements dealing with data security require online retailers to first establish a security concept sufficient to ensure the protection of the website contents as well as the personal data of consumers. The security concept should be regularly re-evaluated and updated as necessary to achieve the retailer's security objectives. Retailers must also enact specific security measures to implement the provisions of the retailer's security concept, and develop a plan to address operational disruptions or emergencies.

C. Data protection

The online retailer must implement policies and procedures to protect consumer personal data. Retailer employees that have contact with personal data must be instructed on effective data protection and privacy, and take the steps necessary to protect consumer data. In addition, online retailers must enact the following practices:

- Consumers must be provided with information about the retailer's data collection and retention policies.
- Consumer data should only be retained as long as required to fulfil any contractual obligations. After that period, the data should be deleted or blocked from further access.
- Consumers must be informed beforehand whenever private data could be used for advertising or market research purposes, and be given the opportunity to exclude their data from such uses.
- Consumer profiles must be protected in a manner that prevents unauthorised use.
- Consumers must be informed about the implementation and use of activity tracking mechanisms (i.e., "cookies").

D. Online content and processes

The online retailer must develop and implement policies, procedures and systems to ensure the quality and security of the online shopping experience. A retailer's policies, systems and procedures should address at least the following issues:

- Compliance with any regulatory restrictions on the purchase of products (e.g., the protection of minors).
- The representation of promotional offers.
- The presentation of full information regarding the identity of the online retailer, and the retailer's general terms and conditions of business.
- Details regarding the products and services to be provided, and their costs.
- Access to relevant product details and other information to enable the consumer to make an informed purchasing decision.
- A clear and transparent payment process that provides consumers with confirmation of all transactions.
- A process to ensure the timely and complete delivery of the products or services ordered.
- Methods that allow consumers to generate customer service inquiries, and to receive prompt and complete responses to such inquiries.
- Product return and order cancellation policies, including a minimum 14 day order cancellation policy.

The process of s@fer shopping certification

TÜV SÜD's s@fer shopping certification process provides a thorough and systematic assessment of the performance and security of a retailer's website. Certification allows a retailer to display TÜV SÜD's s@fer shopping mark on the company's website, which verifies the retailer's commitment to provide a satisfying and secure online shopping experience for consumers. The s@fer shopping assessment includes the following steps:

ONLINE ASSESSMENT
In the first step of the certification assessment process, the subject website is thoroughly inspected for navigation concept, structure and client information. When appropriate, the certification evaluation can also include the placing of test orders to evaluate the actual website functionality from the consumer's perspective.

SECURITY CHECK
Next, the security of the website's information technology infrastructure is evaluated using port scanners, security scanners and other specialised instruments. The security evaluation includes all systems which can be accessed online, including firewalls, routers, and name servers.

ON-SITE AUDIT
The certification assessment process includes an audit of the retailer's organisational structure, as well as the company's operating policies related to order processing, consumer inquiries and complaints, and data security and protection. In this way, the audit identifies areas where policies and procedures can be better optimised to improve the consumer's online buying experience.

REPORT
The certification assessment process results in a detailed report that summarises the findings from each of the previous evaluation steps. The report identifies any deviations from the certification requirements, and provides specific recommendations on additional changes or improvements that can help the retailer optimise their online presence.

CERTIFICATION
Upon the successful completion of the certification assessment process, the retailer receives a s@fer shopping certificate and the right to display the s@fer shopping mark on their website, and to reproduce the mark on printed materials, such as brochures and catalogs.

Once the certification assessment process has been completed, retailers can also retain TÜV SÜD Management Service as a third-party provider of consumer complaint handling services. This service ensures the independence of the customer service function, while leveraging on TÜV SÜD's extensive experience.

Conclusion

Online retail revenues are expected to grow significantly in the coming years, but consumer concerns regarding the integrity of the online shopping experience and the safety and security of their private data are potential obstacles to even more dramatic growth. Retail website certification can be an important tool to build consumer trust and confidence, and can provide a powerful competitive advantage in the marketplace. TÜV SÜD's s@fer shopping certification assessment process can help retailers optimise the online shopping experience of consumers, increasing both consumer satisfaction and retailer profitability.

TÜV SÜD is an internationally recognised testing, inspection and certification organisation, with hundreds of technical experts in more than 30 countries around the world. This extensive network makes TÜV SÜD an effective single source for organisations seeking expertise in the assessment and certification of retail websites and other e-commerce channels. In addition to s@fer shopping assessment and certification services, TÜV SÜD Management Service offers certifications in quality management, IT safety and service management, and environmental management.

GLOSSARY OF ACRONYMS

IBSG: internet business solutions group

FOOTNOTES

[1] The Global E-Commerce Gold Rush: How Retailers Can Find Riches Overseas, Point of View, Cisco Internet Business Solutions Group, accessed December 15, 2012, http://www.cisco.com/web/about/ac79/docs/retail/global-ecommerce_pov_ibsg.pdf
[2] E-Commerce & Internet Business Overview, Plunkett Research, LTD, accessed November 3, 2012, http://www.plunkettresearch.com/ecommerce-internet-technologymarket-research/industry-statistics
[3] The Global E-Commerce Gold Rush: How Retailers Can Find Riches Overseas, Point of View, Cisco Internet Business Solutions Group, accessed December 15, 2012, http://www.cisco.com/web/about/ac79/docs/retail/global-ecommerce_pov_ibsg.pdf
[4] ITRC Consumer Internet Transaction Concerns Survey, Report released by the Identity Theft Resource Center, http://www.idtheftcenter.org, August 13, 2010.
[5] Fittkau & Maaß Consulting, Internet Consulting and Research Services website, accessed December 15, 2012, http://www.fittkaumaass.de/
[6] Requirements catalogue for the assessment and certification of online shops, TÜV SÜD Management Service, accessed December 15, 2012, http://www.safer-shopping.de/uploads/pdf/requirements_shopsb2c.pdf

COPYRIGHT NOTICE

The information contained in this document represents the current view of TÜV SÜD on the issues discussed as of the date of publication. Because TÜV SÜD must respond to changing market conditions, it should not be interpreted to be a commitment on the part of TÜV SÜD, and TÜV SÜD cannot guarantee the accuracy of any information presented after the date of publication. This White Paper is for informational purposes only. TÜV SÜD makes no warranties, express, implied or statutory, as to the information in this document. Complying with all applicable copyright laws is the responsibility of the user. Without limiting the rights under copyright, no part of this document may be reproduced, stored in or introduced into a retrieval system, or transmitted in any form or by any means (electronic, mechanical, photocopying, recording, or otherwise), or for any purpose, without the express written permission of TÜV SÜD. TÜV SÜD may have patents, patent applications, trademarks, copyrights, or other intellectual property rights covering subject matter in this document. Except as expressly provided in any written license agreement from TÜV SÜD, the furnishing of this document does not give you any license to these patents, trademarks, copyrights, or other intellectual property. ANY REPRODUCTION, ADAPTATION OR TRANSLATION OF THIS DOCUMENT WITHOUT PRIOR WRITTEN PERMISSION IS PROHIBITED, EXCEPT AS ALLOWED UNDER THE COPYRIGHT LAWS. TÜV SÜD Group 2013 All rights reserved - TÜV SÜD is a registered trademark of TÜV SÜD Group.

DISCLAIMER

All reasonable measures have been taken to ensure the quality, reliability, and accuracy of the information in the content. However, TÜV SÜD is not responsible for the third-party content contained in this newsletter. TÜV SÜD makes no warranties or representations, expressed or implied, as to the accuracy or completeness of information contained in this newsletter. This newsletter is intended to provide general information on a particular subject or subjects and is not an exhaustive treatment of such subject(s). Accordingly, the information in this newsletter is not intended to constitute consulting or professional advice or services. If you are seeking advice on any matters relating to information in this newsletter, you should where appropriate contact us directly with your specific query or seek advice from qualified professional people. The information contained in this newsletter may not be copied, quoted, or referred to in any other publication or materials without the prior written consent of TÜV SÜD. All rights reserved 2013 TÜV SÜD.

Build consumer trust with retail website certification
www.tuv-sud.com/systemcertification
systemcertification@tuv-sud.com

Choose certainty. Add value.

TÜV SÜD is a premium quality, safety and sustainability solutions provider that specialises in testing, inspection, auditing, certification, training and knowledge services. Represented in over 800 locations worldwide, we hold accreditations in Europe, the Americas, the Middle East and Asia. By delivering objective service solutions to our customers, we add tangible value to businesses, consumers and the environment.

TÜV SÜD AG
Westendstr. 199, 80686 Munich, Germany
+49 89 5791-0
www.tuv-sud.com

2014 TÜV SÜD AG V-IM/MS/22.0/en/SG